Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json)
Hash identifier: 7Klu16sgXpc7GxHVhSPOUoVjolfJ2447Hud4ArV3m+c=
Subject key identifier: 36:CB:4B:90:8F:F2:A6:92:0E:65:ED:54:F7:F4:BA:0F:25:03:C7:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65E42F132B652EF6C39CE64D33510A0B13085B21
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
Signing time: Tue 20 May 2025 20:50:47 +0000
ROA not before: Tue 20 May 2025 20:50:47 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:e4:2f:13:2b:65:2e:f6:c3:9c:e6:4d:33:51:0a:0b:13:08:5b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:47 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=db8523a18fab3ee6a61e6d24ec05b4858294372441bc0c3c6f4b0e187919274a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:dc:40:36:25:6d:72:9c:08:9e:18:bf:d7:
bb:1b:b7:a0:17:5b:04:c8:2f:29:d7:92:d3:72:0d:
ee:c3:79:34:d8:01:e8:8a:0c:db:55:7d:50:ee:c3:
87:b0:c8:76:b0:d3:e3:4d:a4:fe:0c:c1:c1:85:8d:
a0:78:42:48:04:38:10:2a:54:a3:0f:73:43:1a:58:
76:27:0e:5e:74:a5:88:8e:6a:b2:01:16:0f:f8:44:
58:55:da:26:bc:8f:e9:2f:6a:bb:79:d9:1a:20:3a:
a5:2c:ed:57:ce:5d:80:5d:b5:59:df:37:d2:5f:84:
34:94:3e:f7:2c:05:f1:fd:29:f0:d8:5b:d5:24:d6:
21:62:e4:de:b9:b4:13:a5:4b:d6:72:b9:3c:b7:5e:
44:cb:74:52:eb:09:d3:e3:b6:06:84:2a:10:38:88:
74:40:c2:bb:58:4e:07:63:8b:aa:42:28:14:7b:77:
ac:43:bd:4f:fa:80:e7:5b:59:7d:19:ae:14:1c:b1:
2d:70:a2:ac:1d:b8:b1:18:08:48:12:56:43:d9:1f:
5a:31:f9:79:bd:1c:2c:58:6e:56:16:e3:44:26:a7:
bc:ca:23:f3:85:35:b8:3a:d6:43:6a:91:ac:8b:37:
3e:62:7c:28:d6:2a:c6:71:64:9f:b6:52:00:5a:ea:
4a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:CB:4B:90:8F:F2:A6:92:0E:65:ED:54:F7:F4:BA:0F:25:03:C7:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
17:0f:b6:30:ef:87:72:24:a1:ad:4e:d4:11:99:eb:c7:a8:80:
ca:82:1b:5d:e3:06:b3:7c:30:45:65:7e:91:c6:c2:f6:b6:d1:
19:b8:37:84:73:21:b1:af:39:b4:5d:46:11:f7:d5:77:ed:46:
1c:f5:e5:99:1d:02:dd:91:2a:9a:02:f4:7f:71:28:be:ef:b1:
9a:e8:13:e0:75:b3:42:4a:0e:8b:d8:7f:ff:2c:46:90:ca:90:
c2:9c:52:21:76:ef:05:26:9d:b9:92:c7:f2:60:ed:08:d8:ca:
7f:78:e6:eb:e6:a2:b8:19:f0:4b:21:ec:ec:59:7e:ff:68:e8:
99:cc:d4:1c:c4:a9:6b:ef:a3:82:74:5c:98:02:45:f7:d4:4b:
e2:85:84:0b:6d:f4:01:22:36:b0:a3:b0:b9:df:4f:98:1a:25:
a2:02:0f:a0:01:14:e1:6b:37:fb:95:ea:28:49:b8:c1:db:a0:
c4:1d:f8:91:9a:8f:95:02:d3:11:d8:5b:d7:d7:76:ca:f2:29:
67:1f:b1:a6:ee:e7:c7:40:e1:9f:d3:7a:08:f6:1f:e4:a1:57:
ef:ac:12:a8:dc:c2:c2:fa:db:5f:6f:12:26:7d:6e:5a:83:df:
fe:b6:82:2d:1f:c1:8e:df:02:63:53:fb:90:89:68:f2:7d:d1:
75:ab:49:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZeQvEytlLvbDnOZNM1EKCxMIWyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiODUyM2ExOGZhYjNlZTZhNjFlNmQyNGVjMDViNDg1ODI5NDM3MjQ0MWJj
MGMzYzZmNGIwZTE4NzkxOTI3NGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALem3EA2JW1ynAieGL/Xuxu3oBdbBMgvKdeS03IN7sN5NNgB6IoM21V9UO7D
h7DIdrDT402k/gzBwYWNoHhCSAQ4ECpUow9zQxpYdicOXnSliI5qsgEWD/hEWFXa
JryP6S9qu3nZGiA6pSztV85dgF21Wd830l+ENJQ+9ywF8f0p8Nhb1STWIWLk3rm0
E6VL1nK5PLdeRMt0UusJ0+O2BoQqEDiIdEDCu1hOB2OLqkIoFHt3rEO9T/qA51tZ
fRmuFByxLXCirB24sRgISBJWQ9kfWjH5eb0cLFhuVhbjRCanvMoj84U1uDrWQ2qR
rIs3PmJ8KNYqxnFkn7ZSAFrqSs8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2y0uQ
j/Kmkg5l7VT39LoPJQPHQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQAXD7Yw74dyJKGtTtQRmevHqIDKghtd4wazfDBFZX6R
xsL2ttEZuDeEcyGxrzm0XUYR99V37UYc9eWZHQLdkSqaAvR/cSi+77Ga6BPgdbNC
Sg6L2H//LEaQypDCnFIhdu8FJp25ksfyYO0I2Mp/eObr5qK4GfBLIezsWX7/aOiZ
zNQcxKlr76OCdFyYAkX31EvihYQLbfQBIjawo7C530+YGiWiAg+gARThazf7leoo
SbjB26DEHfiRmo+VAtMR2FvX13bK8ilnH7Gm7ufHQOGf03oI9h/koVfvrBKo3MLC
+ttfbxImfW5ag9/+toItH8GO3wJjU/uQiWjyfdF1q0l+
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:28:35 2025 by rpki-client